2 SNMP Protocol Objectives Languages ASN 1 SMI

2. SNMP Protocol Objectives • Languages: ASN. 1, SMI, BER • Name Space, OIDs • MIB-Objects and Traps • Protocol Operations • SNMPv 3 • Exercise SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 1

SNMP Architecture User interface Network management application SNMP NMS SNMP Agent MIB MIB Managed

Retrieve Information 1. What information exist? 2. How to ask? MIB Contract MIB SNMP

SNMP Protocol Encoding • The Goal is to transfer (management) information between heterogeneous systems via a well-understood and machine -independent syntax • Machines vary by - word size: e. g. 8, 16, 32, 64, other - arithmetic type: 1’s complement, 2’s complement - byte ordering: big endian, little endian - character set: ASCII, EBCDIC, 16 bit characters SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 4

SNMP Language 1(2) • ASN. 1 (Abstract Syntax Notation One) - Machine independent language ASN. 1 - Comprehensive, complicated - Described in spec. ITU X. 208 - Easier move to CMIP • SMI (Structure of Management Information) - Subset of ASN. 1 - MIB Tree (name space) - Common Object structure - Generic Data types - SMIv 1 / SMIv 2 SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 5

SNMP Language 2(2) • BER (Basic Encoding Rules) - Coding Scheme BER - ASN. 1 to binary representation - Described in spec. ITU X. 209 SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 6

MIB Tree 1(4) ccitt iso joint-iso-ccitt org dod internet mgmt exper SNMP & Network

MIB Tree 2(4) mgmt exper mib-2 private enterprises system interfaces at sys. Descr if.

MIB Tree 3(4) ccitt (0) iso (1) joint-iso-ccitt (2) org (3) dod (6) (1)

MIB Tree 4(4) mgmt (2) exper (3) private (4) (1) enterprises (1) mib-2 system (1) interfaces (2) at (3) sys. Descr (1) if. Number (1) (2) if. Table proteon (1) ibm (2) if. Entry (1) SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 10

Interpret Information How to interpret the answer? 010011101 SNMP & Network Management, © 2010

Data Representation Time. Ticks 20 910 200 sys. Up. Time = 2 days, 10: 05: 02 315 420 100 sys. Up. Time = 36 days, 12: 10: 01 NMS 20 910 200 = 2 days, 10: 05: 02 315 420 100 = 36 days, 12: 10: 01 SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 12

Data Types – SMIv 1 1(2) • Universal types – INTEGER – OCTET STRING – OBJECT IDENTIFIER – NULL • Application types – Ip. Address – Counter – Gauge – Time. Ticks – Opaque SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 13

Data Types – SMIv 1 2(2) • Constructed types – SEQUENCE OF SNMP &

Data Types – SMIv 2 1(2) • Universal types – INTEGER – OCTET STRING – OBJECT IDENTIFIER – NULL • Application types – Integer 32 -- same tag as INTEGER – Ip. Address – Counter 32 – Gauge 32 – Unsigned 32 -- same tag as Gauge 32 – Time. Ticks – Counter 64 SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 15

Data Types – SMIv 2 2(2) • Pseudotypes – BITS • Constructed types –

Data Access • SMIv 1 - not-accessible - read-only - read-write - write-only • SMIv 2 - not-accessible - accessible-for-notify - read-only - read-write - read-create SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 17

Status (requirement level) • SMIv 1 - mandatory - deprecated - obsolete • SMIv

Object Definition – SMIv 1 1(2) sys. Up. Time OBJECT-TYPE SYNTAX Time. Ticks ACCESS read-only STATUS mandatory DESCRIPTION "The time (in hundredths of a second) since the network management portion of the system was last re-initialized. " : : = { system 3 } SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 19

Object Definition – SMIv 1 2(2) if. Admin. Status OBJECT-TYPE SYNTAX INTEGER { up(1), -- ready to pass packets down(2), testing(3) -- in some test mode } ACCESS read-write STATUS mandatory DESCRIPTION "The desired state of the interface. The testing(3) state indicates that no operational packets can be passed. " : : = { if. Entry 7 } SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 20

Trap Definition – SMIv 1 1(2) link. Down TRAP-TYPE ENTERPRISE snmp VARIABLES { if. Index } DESCRIPTION "A link. Down trap signifies that the sending protocol entity recognizes a failure in one of the communication links represented in the agent's configuration. " : : = 2 SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 21

Trap Definition – SMIv 1 2(2) sys. Alarm TRAP-TYPE ENTERPRISE easysoft VARIABLES { sys. Name, sys. Pri, sys. Message } DESCRIPTION "A sys. Alarm trap signifies that a system or service being monitored has not respond against the configured poll criteria. " : : = 12 SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 22

Object Definition – SMIv 2 1(2) sys. Up. Time OBJECT-TYPE SYNTAX Time. Ticks MAX-ACCESS read-only STATUS current DESCRIPTION "The time (in hundredths of a second) since the network management portion of the system was last re-initialized. " : : = { system 3 } SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 23

Object Definition – SMIv 2 2(2) serial. Dialout. Timeout OBJECT-TYPE SYNTAX Integer 32 (1. . 65535) MAX-ACCESS read-create STATUS current DESCRIPTION "This timeout value is used when the probe initiates the serial connection with the intention of contacting a management station. This variable represents the number of seconds of inactivity allowed before terminating the connection on this serial interface. " DEFVAL { 20 } : : = { serial. Config. Entry 8 } SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 24

Trap Definition – SMIv 2 1(2) link. Down NOTIFICATION-TYPE OBJECTS { if. Index, if. Admin. Status, if. Oper. Status } STATUS current DESCRIPTION "A link. Down trap signifies that the SNMPv 2 entity, acting in an agent role, has detected that the if. Oper. Status object for one of its communication links is about to transition into the down state. " : : = { snmp. Traps 3 } SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 25

Trap Definition – SMIv 2 2(2) sys. Alarm NOTIFICATION-TYPE OBJECTS { sys. Name, sys. Pri, sys. Message } STATUS current DESCRIPTION "A sys. Alarm trap signifies that a system or service being monitored has not respond against the configured poll criteria. " : : = { easysoft 0 12 } SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 26

Constructs in MIB Modules • SMIv 1 • SMIv 2 – OBJECT-TYPE – MODULE-IDENTITY – TRAP-TYPE – OBJECT-TYPE – TEXTUAL-CONVENTION – NOTIFICATION-TYPE – OBJECT-IDENTITY – OBJECT-GROUP – NOTIFICATION-GROUP – MODULE-COMPLIANCE – AGENT-CAPABILITIES SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 27

MODULE-IDENTITY rmon MODULE-IDENTITY LAST-UPDATED "9605270000 Z" ORGANIZATION "IETF RMON MIB Working Group" CONTACT-INFO "Steve Waldbusser (WG Editor) Postal: International Network Services 650 Castro Street, Suite 260 Mountain View, CA 94041 Phone: +1 415 254 4251 Email: waldbusser@ins. com” DESCRIPTION "The MIB module for managing remote monitoring device implementations. This MIB module augments the original RMON MIB as specified in RFC 1757. " : : = { mib-2 16 } SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 28

TEXTUAL-CONVENTION Positive. Integer : : = TEXTUAL-CONVENTION DISPLAY-HINT "d" STATUS current DESCRIPTION "This data type is a non-zero and non-negative value. " SYNTAX INTEGER (1. . 2147483647) SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 29

MIB Module <module name> DEFINITIONS : : = BEGIN <linkage> <declarations> END SNMP &

SMIv 1 Base Module RFC 1155 -SMI DEFINITIONS : : = BEGIN EXPORTS -- EVERYTHING internet, directory, mgmt, experimental, private, enterprises, OBJECT-TYPE, Object. Name, Object. Syntax, Simple. Syntax, Application. Syntax, Network. Address, Ip. Address, Counter, Gauge, Time. Ticks, Opaque; -- the path to the root internet directory mgmt experimental private enterprises … OBJECT IDENTIFIER : : = { iso org(3) dod(6) 1 } OBJECT IDENTIFIER : : = { internet 2 } OBJECT IDENTIFIER : : = { internet 3 } OBJECT IDENTIFIER : : = { internet 4 } OBJECT IDENTIFIER : : = { private 1 } SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 31

SMIv 2 Base Module SNMPv 2 -SMI DEFINITIONS : : = BEGIN -- the path to the root org dod internet directory mgmt mib-2 transmission experimental private enterprises security snmp. V 2 … OBJECT IDENTIFIER : : = { iso 3 } -- "iso" = 1 OBJECT IDENTIFIER : : = { org 6 } OBJECT IDENTIFIER : : = { dod 1 } OBJECT IDENTIFIER : : = { internet 2 } OBJECT IDENTIFIER : : = { mgmt 1 } OBJECT IDENTIFIER : : = { mib-2 10 } OBJECT IDENTIFIER : : = { internet 3 } OBJECT IDENTIFIER : : = { internet 4 } OBJECT IDENTIFIER : : = { private 1 } OBJECT IDENTIFIER : : = { internet 5 } OBJECT IDENTIFIER : : = { internet 6 } SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 32

MIB-II Module 11 Groups system tcp interfaces udp at egp ip cmot icmp transmission

MIB-II (SMIv 1) 1(3) RFC 1213 -MIB DEFINITIONS : : = BEGIN IMPORTS mgmt, Network. Address, Ip. Address, Counter, Gauge, Time. Ticks FROM RFC 1155 -SMI OBJECT-TYPE FROM RFC-1212; -- This MIB module uses the extended OBJECT-TYPE macro as -- defined in [14]; -- MIB-II (same prefix as MIB-I) mib-2 OBJECT IDENTIFIER : : = { mgmt 1 } SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 34

MIB-II 2(3) -- textual conventions Display. String : : = OCTET STRING -- This data type is used to model textual information taken -- from the NVT ASCII character set. By convention, objects -- with this syntax are declared as having -- SIZE (0. . 255) Phys. Address : : = OCTET STRING -- This data type is used to model media addresses. For many -- types of media, this will be in a binary representation. -- For example, an Ethernet-address would be represented as -- a string of 6 octets. SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 35

MIB-II 3(3) -- groups in MIB-II system interfaces at ip icmp tcp udp egp OBJECT IDENTIFIER : : = { mib-2 1 } OBJECT IDENTIFIER : : = { mib-2 2 } OBJECT IDENTIFIER : : = { mib-2 3 } OBJECT IDENTIFIER : : = { mib-2 4 } OBJECT IDENTIFIER : : = { mib-2 5 } OBJECT IDENTIFIER : : = { mib-2 6 } OBJECT IDENTIFIER : : = { mib-2 7 } OBJECT IDENTIFIER : : = { mib-2 8 } -- historical (some say hysterical) -- cmot OBJECT IDENTIFIER : : = { mib-2 9 } transmission OBJECT IDENTIFIER : : = { mib-2 10 } snmp OBJECT IDENTIFIER : : = { mib-2 11 } SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 36

MIB-II system 1(5) -- the System group -- Implementation of the System group is mandatory for all -- systems. If an agent is not configured to have a value -- for any of these variables, a string of length 0 is -- returned. sys. Descr OBJECT-TYPE SYNTAX Display. String (SIZE (0. . 255)) ACCESS read-only STATUS mandatory DESCRIPTION "A textual description of the entity. This value should include the full name and version-identification of the system's hardware type, software operating-system and networking software. It is mandatory that this only contains printable ASCII characters. " : : = { system 1 } SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 37

MIB-II system 2(5) sys. Object. ID OBJECT-TYPE SYNTAX OBJECT IDENTIFIER ACCESS read-only STATUS mandatory DESCRIPTION "The vendor's authoritative identification of the network management subsystem contained in the entity. This value is allocated within the SMI enterprises subtree (1. 3. 6. 1. 4. 1) and provides an easy and unambiguous means for determining `what kind of box' is being managed. For example, if vendor `Flintstones, Inc. ' was assigned the subtree 1. 3. 6. 1. 4242, it could assign the identifier 1. 3. 6. 1. 4242. 1. 1 to its `Fred Router'. " : : = { system 2 } SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 38

MIB-II system 3(5) sys. Up. Time OBJECT-TYPE SYNTAX Time. Ticks ACCESS read-only STATUS mandatory DESCRIPTION "The time (in hundredths of a second) since the network management portion of the system was last re-initialized. " : : = { system 3 } SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 39

MIB-II system 4(5) sys. Contact OBJECT-TYPE SYNTAX Display. String (SIZE (0. . 255)) ACCESS read-write STATUS mandatory DESCRIPTION "The textual identification of the contact person for this managed node, together with information on how to contact this person. " : : = { system 4 } SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 40

MIB-II system 5(5) sys. Name OBJECT-TYPE SYNTAX Display. String (SIZE (0. . 255)) ACCESS read-write STATUS mandatory DESCRIPTION "An administratively-assigned name for this managed node. By convention, this is the node's fully-qualified domain name. " : : = { system 5 } SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 41

MIB-II interfaces 1(6) if. Number OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "The number of network-interfaces (regardless of their current state) present on this system. " : : = { interfaces 1 } SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 42

MIB-II interfaces 2(6) -- the Interfaces table -- The Interfaces table contains information on the entity's -- interfaces. if. Table OBJECT-TYPE SYNTAX SEQUENCE OF If. Entry ACCESS not-accessible STATUS mandatory DESCRIPTION "A list of interface-entries. The number of entries is given by the value of if. Number. " : : = { interfaces 2 } SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 43

MIB-II interfaces 3(6) if. Entry OBJECT-TYPE SYNTAX If. Entry ACCESS not-accessible STATUS mandatory DESCRIPTION "An interface entry containing objects at the subnetwork-layer and below for a particular interface. " INDEX { if. Index } : : = { if. Table 1 } SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 44

MIB-II interfaces 4(6) If. Entry : : = SEQUENCE { if. Index INTEGER, if. Descr Display. String, if. Type INTEGER, … if. Specific OBJECT IDENTIFIER } SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 45

MIB-II interfaces 5(6) if. Index OBJECT-TYPE SYNTAX INTEGER ACCESS read-only STATUS mandatory DESCRIPTION "A unique value for each interface. Its value ranges between 1 and the value of if. Number. The value for each interface must remain constant at least from one re-initialization of the entity's network management system to the next reinitialization. " : : = { if. Entry 1 } SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 46

MIB-II interfaces 6(6) if. Descr OBJECT-TYPE SYNTAX Display. String (SIZE (0. . 255)) ACCESS read-only STATUS mandatory DESCRIPTION "A textual string containing information about the interface. This string should include the name of the manufacturer, the product-name and the version of the hardware-interface. " : : = { if. Entry 2 } SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 47

UPS (SMIv 2) 1(4) UPS-MIB DEFINITIONS : : = BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, OBJECT-IDENTITY, Counter 32, Gauge 32, Integer 32 FROM SNMPv 2 -SMI Display. String, Time. Stamp, Time. Interval, Test. And. Incr, Autonomous. Type, TEXTUAL-CONVENTION FROM SNMPv 2 -TC MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv 2 -CONF mib-2 FROM RFC 1213 -MIB; SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 48

UPS 2(4) ups. MIB MODULE-IDENTITY LAST-UPDATED "9402230000 Z" ORGANIZATION "IETF UPS MIB Working Group" CONTACT-INFO "Jeffrey D. Case Postal: SNMP Research, Incorporated 3001 Kimberlin Heights Road Knoxville, TN 37920 US Tel: +1 615 573 1434 Fax: +1 615 573 9197 E-mail: case@snmp. com" DESCRIPTION "The MIB module to describe Uninterruptible Power Supplies. " : : = { mib-2 33 } SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 49

UPS 3(4) Positive. Integer : : = TEXTUAL-CONVENTION DISPLAY-HINT "d" STATUS current DESCRIPTION "This data type is a non-zero and non-negative value. " SYNTAX INTEGER (1. . 2147483647) Non. Negative. Integer : : = TEXTUAL-CONVENTION DISPLAY-HINT "d" STATUS current DESCRIPTION "This data type is a non-negative value. " SYNTAX INTEGER (0. . 2147483647) SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 50

UPS ups. Ident 4(4) ups. Objects OBJECT IDENTIFIER : : = { ups. MIB 1 } -- The Device Identification group. -- All objects in this group except for ups. Ident. Name and -- ups. Ident. Attached. Devices are set at device initialization -- and remain static. ups. Ident OBJECT IDENTIFIER : : = { ups. Objects 1 } ups. Ident. Manufacturer OBJECT-TYPE SYNTAX Display. String (SIZE (0. . 31)) MAX-ACCESS read-only STATUS current DESCRIPTION "The name of the UPS manufacturer. " : : = { ups. Ident 1 } SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 51

SNMP – Architecture OSI Application Presentation Session Transport Network PROTOCOLS T E L N E T S M T P F T P TCP T N F S F T P S N M P Agent = 161 UDP IP, ICMP, GGP, EGP Manager = 162 ARP Ethernet Data Link IEEE 802. x Physical PSDN (X. 25) SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 52

SNMPv 1 – Protocol Operations Get-Request Get. Next-Request Set-Request Response Trap SNMP & Network

SNMPv 2 – Protocol Operations Get-Request Get. Next-Request Get. Bulk-Request Set-Request Response Trap Inform-Request

SNMPv 1 – Get Request PDU Part 1 Version Community Variable Bindings Part 2 PDU Req. ID Error Status Error Index Obj. ID Object 1 … Objectn Type Value null sys. Up. Time 0 public Get 123 0 0 mib-2. 1. 3. 0 single instance SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 55

SNMPv 1 – Response PDU Part 1 Version Community Variable Bindings Part 2 PDU Req. ID Error Status Error Index Obj. ID sys. Up. Time 0 public Resp 123 2 1 0 0 mib-2. 1. 3. 0 SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 Object 1 … Objectn Type Value Time. Ticks 6000 56

SNMPv 1 – Get. Next Request PDU Part 1 Version Community Variable Bindings Part 2 PDU Req. ID Error Status Error Index Obj. ID Object 1 … Objectn Type Value if. Entry. 10 if. Entry. 16 if. In. Octets, if. Out. Octets 0 public Get. Next 124 0 0 no instance SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 57

SNMPv 1 – Response PDU Part 1 Version Community Variable Bindings Part 2 PDU Req. ID Error Status Error Index Obj. ID Object 1 … Type Objectn Value if. In. Octets, if. Out. Octets 0 public Resp 124 0 0 if. Entry. 10. 1 if. Entry. 16. 1 first instance SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 58

SNMPv 1 – Set Request PDU Part 1 Version Community Variable Bindings Part 2 PDU Req. ID Error Status Error Index Obj. ID Object 1 Type … Objectn Value sys. Location 0 private Set 125 0 0 mib-2. 1. 6. 0 OCTET STRING Floor 3 instance SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 59

SNMPv 1 – Response PDU Part 1 Version Community Variable Bindings Part 2 PDU Req. ID Error Status Error Index Obj. ID Object 1 Type … Objectn Value sys. Location 0 private Resp 125 0 0 mib-2. 1. 6. 0 SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 OCTET STRING Floor 3 60

SNMPv 1 – Trap PDU Part 2 Part 1 Version Community PDU Enterprise Network Address Variable Bindings Gen Trap Spec Trap Time. Stamp Obj. ID Authentication Failure 0 public Trap easysoft cisco. 1. 15 10. 1. 2. 1 6 12 4 0 Object 1 … Objectn Type Value Ip. Address 10. 1. 2. 67 60000 cisco. 2. 1. 5. 0 (auth. Addr) SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 61

SNMPv 2 – Get. Bulk Request PDU Part 1 Version Community Variable Bindings Part 2 PDU Req. ID Error Status Error Index Obj. ID Object 1 … Objectn Type Value if. Entry. 10 if. Entry. 16 if. In. Octets, if. Out. Octets ( 5 instances ) 1 public Get. Bulk 126 0 5 SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 62

SNMPv 2 – Response PDU Part 1 Version Community Variable Bindings Part 2 PDU Req. ID Error Status Error Index Obj. ID Object 1 Type … Objectn Value if. In. Octets, if. Out. Octets ( 5 instances ) 1 public Resp 126 0 0 if. Entry. 10. 1 if. Entry. 16. 1 … if. Entry. 16. 5 Tot. 10 objects SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 63

SNMPv 2 – Trap/Inform PDU Part 1 Version Community Trap / Inform Variable Bindings Part 2 PDU Req. ID Error Status Error Index sys. Up. Time SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 Object 1 Object 2 … snmp. Trap. OID 64

SNMPv 3 - Architecture Command Generator Notification Originator Proxy Forwarder Command Responder Notification Receiver Other SNMP Applications SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 Access Control Subsystem Security Subsystem Message Processing Subsystem Dispatcher SNMP Entity SNMP Engine 65

SNMP Entity - Manager Command Generator PDU Dispatcher Notification Receiver Message Processing Subsystem v 1 MP Message Dispatcher v 2 c. MP v 3 MP UDP IPX . . . Other Transport Mapping other. MP Security Subsystem User-based Security Model Other Security Model Network SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 66

SNMP Entity - Agent MIB Instrumentation Command Responder Proxy Forwarder PDU Dispatcher Message Processing Subsystem v 1 MP Message Dispatcher v 2 c. MP v 3 MP UDP IPX . . . Other Transport Mapping other. MP Notification Originator Security Subsystem Access Control Subsystem User-based Security Model View-based Access Control Model Other Security Model Other Access Control Model Network SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 67

SNMPv 3 - Message Structure msg. Version msg. ID msg. Max. Size msg. Flags Generated/ Processed by Message Processing Model msg. Security. Model scope of authentication msg. Authoritative. Engine. ID msg. Authoritative. Engine. Boots msg. Authoritative. Engine. Time msg. User. Name Generated/ Processed by User Security Model (USM) msg. Authentication. Parameters scope of encryption msg. Privacy. Parameters context. Engine. ID context. Name PDU SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 Scoped PDU (plaintext or encrypted) 68

Serialization Node A Node B Application 1100 0111 0101 11 1010 1001 0010 01 1100 0111 0101 00 1010 1001 0010 01 ? Transport Internet Data Link SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 69

BER – Tag Field 1(2) Tag Length Value Tag format Counter 32 8 7 6 5 4 3 2 1 Class 0 1 0 0 0 1 Constructed 4 Tag Value = 0 x 41 Class Universal Application Context-Specific Private Tag number 1 Bit 8 Bit 7 0 0 1 1 0 1 Comment Built-in types SNMP defined types Used in context Not used in the SNMP protocol Constructed - primitive(0) or constructed(1) SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 70

BER – Tag Field 2(2) Tag Numbers Type INTEGER OCTET STRING NULL OBJECT IDENTIFIER SEQUENCE Ip. Address Counter 32 Gauge 32, Unsigned 32 Time. Ticks Counter 64 Context-Specific no. Such. Object exception no. Such. Instance exception end. Of. Mib. View exception ASN. 1 Tag Number Tag Value Universal 2 Universal 4 Universal 5 Universal 6 Universal 16 Application 0 Application 1 Application 2 Application 3 Application 4 Application 6 Context-Specific 0 Context-Specific 1 Context-Specific 2 0 x 04 0 x 05 0 x 06 0 x 10 0 x 01 0 x 02 0 x 03 0 x 04 0 x 06 0 x 00 0 x 01 0 x 02 0 x 04 0 x 05 0 x 06 0 x 30 0 x 41 0 x 42 0 x 43 0 x 44 0 x 46 0 x 80 0 x 81 0 x 82 SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 71

BER – Length Field 1(2) Tag Length Value Short Length form (max 127 byte) 8 7 6 5 4 3 2 1 Short/Long form indicator 0 0 0 1 1 0 Length value 6 bytes data SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 72

BER – Length Field 2(2) Tag Length Value Long Length form (> 127 byte) 8 7 6 5 4 3 2 1 Short/Long form indicator 1 0 0 0 1 0 Length of length field 0 0 0 0 Length value 1 1 0 0 0 200 bytes data SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 73

BER – Value Field Tag Length Value INTEGER (-128. . . 127) Sign bit - plus(0), minus(1) 8 7 6 5 4 3 2 1 Examples 0 0 0 1 0 Send 2 1 0 0 0 1 0 Send -2 1 1 1 0 1 Invert all 0 0 0 1 Add 1 1 1 1 0 Send this 1 SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 74

BER – SNMPv 1 Message 0 x 30 - sequence tag len Sequence of fields 0 x 02 - integer tag len Version 0 x 02 - integer tag len Req. ID 0 x 04 - octet string depends on PDU (0 xa 0 - get-request) tag len Community tag len Seq. of fields 0 x 02 - integer tag len Err-stat tag len Err-ind 0 x 30 - sequence tag len Pair of fields 0 x 06 - object identifier tag len ID 0 x 30 - sequence tag len Seq. of Var-bind 0 x 30 - sequence …. tag len Pair of fields depends on type of value tag len Value SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 75

SNMP – Exercise 1(5) 1. Get sys. Name SNMP Manager SNMP Agent (System Group) Oper OID Value Object Name Object ID Get mib-2. 1. 5. 0 null sys. Descr 1. 3. 6. 1. 2. 1. 1. 1 Cisco Internet. . mib-2. 1. 5. 0 ior. easyso. . sys. Object. ID 1. 3. 6. 1. 2. 1. 1. 2 1. 3. 6. 1. 4. 1. 9. 1. 3 sys. Up. Time 1. 3. 6. 1. 2. 1. 1. 3 25920000 sys. Contact 1. 3. 6. 1. 2. 1. 1. 4 nisse hult sys. Name 1. 3. 6. 1. 2. 1. 1. 5 ior. easysoft. se sys. Location 1. 3. 6. 1. 2. 1. 1. 6 Floor 1 sys. Services 1. 3. 6. 1. 2. 1. 1. 7 30 SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 Value 76

SNMP – Exercise 2(5) 2. Get sys. Location (use Get. Next) SNMP Manager SNMP Agent (System Group) Oper OID Value Object Name Object ID Get. Next mib-2. 1. 5. 0 null sys. Descr 1. 3. 6. 1. 2. 1. 1. 1 Cisco Internet. . mib-2. 1. 6. 0 Floor 1 sys. Object. ID 1. 3. 6. 1. 2. 1. 1. 2 1. 3. 6. 1. 4. 1. 9. 1. 3 sys. Up. Time 1. 3. 6. 1. 2. 1. 1. 3 25920000 sys. Contact 1. 3. 6. 1. 2. 1. 1. 4 nisse hult sys. Name 1. 3. 6. 1. 2. 1. 1. 5 ior. easysoft. se sys. Location 1. 3. 6. 1. 2. 1. 1. 6 Floor 1 sys. Services 1. 3. 6. 1. 2. 1. 1. 7 30 SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 Value 77

SNMP – Exercise 3(5) 3. Find out the number of interfaces SNMP Manager SNMP Agent (Interfaces Group) Oper OID Value Object Name Object ID Get mib-2. 2. 1. 0 null if. Number 1. 3. 6. 1. 2. 1 2 mib-2. 2. 1. 0 2 if. Index 1. 3. 6. 1. 2. 2. 1. 1 1 2 if. Descr 1. 3. 6. 1. 2. 2. 1. 2 Ethernet 0 Serial 0 if. Type 1. 3. 6. 1. 2. 2. 1. 3 6 22 if. Mtu 1. 3. 6. 1. 2. 2. 1. 4 1500 if. Speed 1. 3. 6. 1. 2. 2. 1. 5 10000000 1544000 if. Phys. Address 1. 3. 6. 1. 2. 2. 1. 6 aa 00 04 00 09 40 if. Admin. Status 1. 3. 6. 1. 2. 2. 1. 7 1 1 if. Oper. Status 1. 3. 6. 1. 2. 2. 1. 8 1 1 if. Last. Change 1. 3. 6. 1. 2. 2. 1. 9 25915000 13183000 … … if. Specific 1. 3. 6. 1. 2. 2. 1. 22 * SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 Value 0 0 78

SNMP – Exercise 4(5) 4. Find out operational status for all interfaces SNMP Manager SNMP Agent (Interfaces Group) Oper OID Value Object Name Object ID Get. Next mib-2. 2. 2. 1. 8 null if. Number 1. 3. 6. 1. 2. 1 2 mib-2. 2. 2. 1. 8. 1 1 (up) if. Index 1. 3. 6. 1. 2. 2. 1. 1 1 2 mib-2. 2. 2. 1. 8. 1 null if. Descr 1. 3. 6. 1. 2. 2. 1. 2 Ethernet 0 Serial 0 mib-2. 2. 2. 1. 8. 2 1 (up) if. Type 1. 3. 6. 1. 2. 2. 1. 3 6 22 mib-2. 2. 2. 1. 8. 2 null if. Mtu 1. 3. 6. 1. 2. 2. 1. 4 1500 mib-2. 2. 2. 1. 9. 1 25915000 if. Speed 1. 3. 6. 1. 2. 2. 1. 5 10000000 1544000 if. Phys. Address 1. 3. 6. 1. 2. 2. 1. 6 aa 00 04 00 09 40 if. Admin. Status 1. 3. 6. 1. 2. 2. 1. 7 1 1 if. Oper. Status 1. 3. 6. 1. 2. 2. 1. 8 1 1 if. Last. Change 1. 3. 6. 1. 2. 2. 1. 9 25915000 13183000 … … if. Specific 1. 3. 6. 1. 2. 2. 1. 22 Get. Next * SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 Value 0 0 79

SNMP – Exercise 5(5) 5. Shutdown interface 2 SNMP Manager SNMP Agent (Interfaces Group) Oper OID Value Object Name Object ID Set mib-2. 2. 2. 1. 7. 2 2 if. Number 1. 3. 6. 1. 2. 1 2 mib-2. 2. 2. 1. 7. 2 2 if. Index 1. 3. 6. 1. 2. 2. 1. 1 1 2 if. Descr 1. 3. 6. 1. 2. 2. 1. 2 Ethernet 0 Serial 0 if. Type 1. 3. 6. 1. 2. 2. 1. 3 6 22 if. Mtu 1. 3. 6. 1. 2. 2. 1. 4 1500 if. Speed 1. 3. 6. 1. 2. 2. 1. 5 10000000 1544000 if. Phys. Address 1. 3. 6. 1. 2. 2. 1. 6 aa 00 04 00 09 40 if. Admin. Status 1. 3. 6. 1. 2. 2. 1. 7 1 1 if. Oper. Status 1. 3. 6. 1. 2. 2. 1. 8 1 1 if. Last. Change 1. 3. 6. 1. 2. 2. 1. 9 25915000 13183000 … … if. Specific 1. 3. 6. 1. 2. 2. 1. 22 * SNMP & Network Management, © 2010 Easy Software AB, version 6. 02 Value 0 0 80